What is the severity of RHSA-2023:0173?

The severity of RHSA-2023:0173 is rated as moderate.

How do I fix RHSA-2023:0173?

To fix RHSA-2023:0173, you need to update the libxml2 package to the version 2.9.7-15.el8_7.1 or later.

What vulnerabilities are addressed in RHSA-2023:0173?

RHSA-2023:0173 addresses CVE-2022-40303 and CVE-2022-40304 vulnerabilities in the libxml2 library.

What is affected by RHSA-2023:0173?

RHSA-2023:0173 affects the libxml2 library and its related packages available in Red Hat Enterprise Linux.

Is there a risk of exploitation with RHSA-2023:0173?

Yes, there is a risk of exploitation due to the vulnerabilities fixed in RHSA-2023:0173 if the updates are not applied.

Vulnerability/
RHSA-2023:0173

CWE

190

16/1/2023

15/11/2024

RHSA-2023:0173: Moderate: libxml2 security update

First published: Mon Jan 16 2023(Updated: )

The libxml2 library is a development toolbox providing the implementation of various XML standards.<br>Security Fix(es):<br><li> libxml2: integer overflows with XML_PARSE_HUGE (CVE-2022-40303)</li> <li> libxml2: dict corruption caused by entity reference cycles (CVE-2022-40304)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/libxml2	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/libxml2	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/libxml2-debuginfo	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/libxml2-debuginfo	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/libxml2-debugsource	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/libxml2-debugsource	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/libxml2-devel	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/libxml2-devel	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/python3-libxml2	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/python3-libxml2-debuginfo	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/python3-libxml2-debuginfo	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/python3-libxml2	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/libxml2	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/libxml2-debuginfo	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/libxml2-debugsource	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/libxml2-devel	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/python3-libxml2	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/python3-libxml2-debuginfo	<2.9.7-15.el8_7.1	2.9.7-15.el8_7.1
redhat/libxml2	<2.9.7-15.el8_7.1.aa	2.9.7-15.el8_7.1.aa
redhat/libxml2-debuginfo	<2.9.7-15.el8_7.1.aa	2.9.7-15.el8_7.1.aa
redhat/libxml2-debugsource	<2.9.7-15.el8_7.1.aa	2.9.7-15.el8_7.1.aa
redhat/libxml2-devel	<2.9.7-15.el8_7.1.aa	2.9.7-15.el8_7.1.aa
redhat/python3-libxml2	<2.9.7-15.el8_7.1.aa	2.9.7-15.el8_7.1.aa
redhat/python3-libxml2-debuginfo	<2.9.7-15.el8_7.1.aa	2.9.7-15.el8_7.1.aa

Never miss a vulnerability like this again

Reference Links

https://access.redhat.com/errata/RHSA-2023:0173 (Advisory)

Frequently Asked Questions

What is the severity of RHSA-2023:0173?
The severity of RHSA-2023:0173 is rated as moderate.
How do I fix RHSA-2023:0173?
To fix RHSA-2023:0173, you need to update the libxml2 package to the version 2.9.7-15.el8_7.1 or later.
What vulnerabilities are addressed in RHSA-2023:0173?
RHSA-2023:0173 addresses CVE-2022-40303 and CVE-2022-40304 vulnerabilities in the libxml2 library.
What is affected by RHSA-2023:0173?
RHSA-2023:0173 affects the libxml2 library and its related packages available in Red Hat Enterprise Linux.
Is there a risk of exploitation with RHSA-2023:0173?
Yes, there is a risk of exploitation due to the vulnerabilities fixed in RHSA-2023:0173 if the updates are not applied.

agent/severity
agent/type
agent/softwarecombine
agent/last-modified-date
agent/references
agent/first-publish-date
agent/weakness
agent/remedy
agent/title
agent/description
agent/tags
agent/event
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2023:0173
agent/software-canonical-lookup
package-manager/redhat

Frequently Asked Questions

What is the severity of RHSA-2023:0173?
The severity of RHSA-2023:0173 is rated as moderate.
How do I fix RHSA-2023:0173?
To fix RHSA-2023:0173, you need to update the libxml2 package to the version 2.9.7-15.el8_7.1 or later.
What vulnerabilities are addressed in RHSA-2023:0173?
RHSA-2023:0173 addresses CVE-2022-40303 and CVE-2022-40304 vulnerabilities in the libxml2 library.
What is affected by RHSA-2023:0173?
RHSA-2023:0173 affects the libxml2 library and its related packages available in Red Hat Enterprise Linux.
Is there a risk of exploitation with RHSA-2023:0173?
Yes, there is a risk of exploitation due to the vulnerabilities fixed in RHSA-2023:0173 if the updates are not applied.

RHSA-2023:0173: Moderate: libxml2 security update

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2023:0173?

How do I fix RHSA-2023:0173?

What vulnerabilities are addressed in RHSA-2023:0173?

What is affected by RHSA-2023:0173?

Is there a risk of exploitation with RHSA-2023:0173?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of RHSA-2023:0173?

How do I fix RHSA-2023:0173?

What vulnerabilities are addressed in RHSA-2023:0173?

What is affected by RHSA-2023:0173?

Is there a risk of exploitation with RHSA-2023:0173?